226e9c5ca45facb9b9a36529e09958546c4b351f4b7ae02101f8e3c1d6e3de7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

226e9c5ca45facb9b9a36529e09958546c4b351f4b7ae02101f8e3c1d6e3de7b.apk
Size

12.1MB
Sample

240820-le1tksthpa
MD5

a27e5d2524a38e7fb3a1ee67dfd043f8
SHA1

e00768606ec18191a7a08f1d8b6dd9f086bcb3f0
SHA256

226e9c5ca45facb9b9a36529e09958546c4b351f4b7ae02101f8e3c1d6e3de7b
SHA512

8083848925b0edbc685fd0d0db1444fd4ba6f8286ad23005c0ac94b36a2a274c18e21be130bcfb8b68277954215c59bb8937008dc891d16d536ff7539ac85ea8
SSDEEP

196608:FrSVmzsX8zGgSlgPESRKc6numMQo21niNo5NgWsx7SqqH2i2oOp15YfFcLlAJUP:FrSVmzkQSlEESknzo1oC6WQOOcqJUP

Score

6^/10

android collection credential_access discovery execution persistence

Malware Config

Targets

- Target
  
  226e9c5ca45facb9b9a36529e09958546c4b351f4b7ae02101f8e3c1d6e3de7b.apk
- Size
  
  12.1MB
- MD5
  
  a27e5d2524a38e7fb3a1ee67dfd043f8
- SHA1
  
  e00768606ec18191a7a08f1d8b6dd9f086bcb3f0
- SHA256
  
  226e9c5ca45facb9b9a36529e09958546c4b351f4b7ae02101f8e3c1d6e3de7b
- SHA512
  
  8083848925b0edbc685fd0d0db1444fd4ba6f8286ad23005c0ac94b36a2a274c18e21be130bcfb8b68277954215c59bb8937008dc891d16d536ff7539ac85ea8
- SSDEEP
  
  196608:FrSVmzsX8zGgSlgPESRKc6numMQo21niNo5NgWsx7SqqH2i2oOp15YfFcLlAJUP:FrSVmzkQSlEESknzo1oC6WQOOcqJUP
Score

6^/10

collection credential_access discovery execution persistence
- Queries information about active data network
  discovery
- Reads information about phone network operator.
  discovery
- Requests accessing notifications (often used to intercept notifications before users become aware).
  collection credential_access
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Credential Access

Access Notifications

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Access Notifications

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectioncredential_accessdiscoveryexecutionpersistence